Maybe. There was enough scary stuff in a draft of S.778, and its title in some of the worry on the Web that both probably need to be watched. Having one bill referred to Commerce... and one to Homeland Security ... does entail a two-front war. John On 2009Apr4, at 10:57 PM, Marcus H. Sachs wrote:
Wrong bill. You want S.773, not S.778. There were two bills introduced concerning cyber security. The one that has everybody talking is S. 773. S.778 concerns the creation of the Office of National Cybersecurity Advisor within the Executive Office of the President.
S.773 Title: A bill to ensure the continued free flow of commerce within the United States and with its global trading partners through secure cyber communications, to provide for the continued development and exploitation of the Internet and intranet communications for such purposes, to provide for the development of a cadre of information technology specialists to improve and maintain effective cybersecurity defenses against disruption, and for other purposes. Sponsor: Sen Rockefeller, John D., IV [WV] (introduced 4/1/2009) Cosponsors (3) Latest Major Action: 4/1/2009 Referred to Senate committee. Status: Read twice and referred to the Committee on Commerce, Science, and Transportation.
S.778 Title: A bill to establish, within the Executive Office of the President, the Office of National Cybersecurity Advisor. Sponsor: Sen Rockefeller, John D., IV [WV] (introduced 4/1/2009) Cosponsors (3) Latest Major Action: 4/1/2009 Referred to Senate committee. Status: Read twice and referred to the Committee on Homeland Security and Governmental Affairs.
Marc
-- Marc Sachs <marc@sans.org> Director, SANS ISC
-----Original Message----- From: John Schnizlein [mailto:schnizlein@isoc.org] Sent: Saturday, April 04, 2009 8:20 PM To: Suresh Ramasubramanian Cc: nanog@nanog.org; Jeff Young Subject: Re: Wow, just when you though big government was someone else's problem
I suggest that we wait until the actual text of S.778 actually shows up at http://thomas.loc.gov before reacting to hyperbolic analysis of drafts not actually assigned to the Committee on Homeland Security and Governmental Affairs. Although I am concerned with what has been attributed to this bill, not all drafts seem to contain the worst text. Once the Committee takes up the bill, the most effective way to fix or kill it is for the constituents of the members of that Committee to call or write them: http://hsgac.senate.gov/public/index.cfm?Fuseaction=About.Membership
John
On 2009Apr4, at 6:46 AM, Suresh Ramasubramanian wrote:
On Sat, Apr 4, 2009 at 2:33 PM, Jeff Young <young@jsyoung.net> wrote:
This comes from Lauren Weinstein's list and it's worth a read. It's a bill introduced into legislation, who knows where and when and if it will become law but, wow.
Relying on Lauren to hear about cybersecurity related news is like relying on Fox News for an accurate picture of what Obama is doing. Ignore.
I'll just give you a teaser:
SEC. 9. SECURE DOMAIN NAME ADDRESSING SYSTEM.
There's more than enough government supported work going on that promotes DNSSEC, in case you're not aware?
Other pearls of wisdom: the government will license all "cyber" security folks and you don't work on government or "any network deemed by the president to be critical infrastructure" without one.
Do you by any chance get to go work on sensitive government networks without, say, a security clearance?
--srs